Replace "trusted" output flag with security mech ID.

[shibboleth/cpp-opensaml.git] / samltest / saml2 / binding / SAML2ArtifactTest.h

diff --git a/samltest/saml2/binding/SAML2ArtifactTest.h b/samltest/saml2/binding/SAML2ArtifactTest.h
index d0189e5..958e5ed 100644 (file)
--- a/samltest/saml2/binding/SAML2ArtifactTest.h
+++ b/samltest/saml2/binding/SAML2ArtifactTest.h
@@ -61,7 +61,7 @@ public:
             // Decode message.
             string relayState;
             const RoleDescriptor* issuer=NULL;
-            bool trusted=false;
+            const XMLCh* securityMech=NULL;
             QName idprole(samlconstants::SAML20MD_NS, IDPSSODescriptor::LOCAL_NAME);
             auto_ptr<MessageDecoder> decoder(
                 SAMLConfig::getConfig().MessageDecoderManager.newPlugin(samlconstants::SAML20_BINDING_HTTP_ARTIFACT, NULL)
@@ -70,21 +70,21 @@ public:
             Locker locker(m_metadata);
             auto_ptr<Response> response(
                 dynamic_cast<Response*>(
-                    decoder->decode(relayState,issuer,trusted,*this,m_metadata,&idprole,m_trust)
+                    decoder->decode(relayState,issuer,securityMech,*this,m_metadata,&idprole,m_trust)
                     )
                 );
             
             // Test the results.
             TSM_ASSERT_EQUALS("RelayState was not the expected result.", relayState, "state");
             TSM_ASSERT("SAML Response not decoded successfully.", response.get());
-            TSM_ASSERT("Message was not verified.", issuer && trusted);
+            TSM_ASSERT("Message was not verified.", issuer && securityMech && securityMech==samlconstants::SAML20P_NS);
             auto_ptr_char entityID(dynamic_cast<const EntityDescriptor*>(issuer->getParent())->getEntityID());
             TSM_ASSERT("Issuer was not expected.", !strcmp(entityID.get(),"https://idp.example.org/"));
             TSM_ASSERT_EQUALS("Assertion count was not correct.", response->getAssertions().size(), 1);
 
             // Trigger a replay.
             TSM_ASSERT_THROWS("Did not catch the replay.", 
-                decoder->decode(relayState,issuer,trusted,*this,m_metadata,&idprole,m_trust),
+                decoder->decode(relayState,issuer,securityMech,*this,m_metadata,&idprole,m_trust),
                 BindingException);
         }
         catch (XMLToolingException& ex) {
@@ -102,7 +102,7 @@ public:
     }
     
     saml1p::Response* resolve(
-        bool& authenticated,
+        const XMLCh*& securityMech,
         const vector<SAMLArtifact*>& artifacts,
         const IDPSSODescriptor& idpDescriptor,
         const X509TrustEngine* trustEngine=NULL
@@ -111,7 +111,7 @@ public:
     }
 
     ArtifactResponse* resolve(
-        bool& authenticated,
+        const XMLCh*& securityMech,
         const SAML2Artifact& artifact,
         const SSODescriptorType& ssoDescriptor,
         const X509TrustEngine* trustEngine=NULL
@@ -129,7 +129,7 @@ public:
         sc->setValue(StatusCode::SUCCESS);
         response->marshall();
         SchemaValidators.validate(response.get());
-        authenticated = true;
+        securityMech = NULL;
         return response.release();
     }
 };